[krbdev.mit.edu #5998] use-after-free bugs [CVE-2010-0629]

Tom Yu via RT rt-comment at krbdev.mit.edu
Wed Feb 24 22:25:57 EST 2010

Previous message: [krbdev.mit.edu #6668] Two problems in kadm5_get_principal mask handling
Next message: [krbdev.mit.edu #6604] issues with gss_inquire_context and gss_display_context when using SPNEGO
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Assigned CVE-2010-0629 to the kadmind issue; it can cause a denial of service (but requires 
authentication).  Also http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=567052

CVSSv2 metrics:

AV:N/AC:L/Au:S/C:N/I:N/A:C/E:POC/RL:OF/RC:C

http://nvd.nist.gov/cvss.cfm?
calculator&adv&version=2&vector=(AV:N/AC:L/Au:S/C:N/I:N/A:C/E:P/RL:O/RC:C)

Previous message: [krbdev.mit.edu #6668] Two problems in kadm5_get_principal mask handling
Next message: [krbdev.mit.edu #6604] issues with gss_inquire_context and gss_display_context when using SPNEGO
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the krb5-bugs mailing list